TP-LINK Smart Switches anyone?

aleatorvb

Since this thread is easily found by google I just wanted to add the the "windows java management application" is actually just a java app that can be used in linux too.

To run in ubuntu (for example) you need to:

• copy the exe from a windows install to linux
• rename exe to .java
• install java 8 at minimum:

sudo add-apt-repository ppa:webupd8team/java
sudo apt-get update
sudo apt-get install oracle-java8-installer

• enable forwarding

echo 1 > /proc/sys/net/ipv4/ip_forward

• use iptables to route  udp packets to correct interface

iptables -t nat -A PREROUTING -p udp -d 255.255.255.255 --dport 29809 -j DNAT --to [your ip address]:29809

Tested last night and confirmed to be working

More details here : http://sadevil.org/blog/2015/08/30/managing-tp-link-easy-smart-switches-from-linux/ (i've put the short version here in case that page dissapears)

Qinn

Just bought a TL-SG108E and I am somewhat lost with 802.1Q and 802.1Q PVID Setting and could use some help.

In pfsense I have 2 NIC's WAN(EM0) and LAN(Em1). I've created a 2 VLAN's on EM1, VLAN101 and VLAN102.  In pfsense I have created the following rules:

WAN on default rule

LAN on default rule (so can go everywhere)

VLAN101 can not go to VLAN102 and VLAN101 can go everywhere but the LAN.

VLAN102 can not go to VLAN 101 and VLAN101 can go everywhere but the LAN.

So basically the VLAN101 and VLAN102 can only go to the WAN eg Internet.

Now I have to configure the smart switch  and I am lost between tagged, untagged and the 801.1Q PVID setting :-[

http://nl.tp-link.com/res/down/doc/TL-SG108E_V2_UG.pdf

Can someone point me in the right direction on how to setup the switch?

wbond

@Qinn:

Just bought a TL-SG108E and I am somewhat lost with 802.1Q and 802.1Q PVID Setting and could use some help.
eone point me in the right direction on how to setup the switch?

I don't have the same switch, but it's a TP-Link so the settings should be similar.  The screen shot shows the vlan settings on my tl-sg2008 switch.  In my case switch port 1 is wired to the pfsense port for lan/opt1/opt2 which are setup in pfSense as vlans 10, 20, & 30.

The switch ports 2,3, & 4 carry the to/from the rest of the network segments.  The PVID setting tags the incoming packets to the switch with the vlan tags so that they're tagged when they hit pfSense and it can sort them out.

Switch port 1 is a member of all 3 vlans, while 2, 3, & 4 are only members of their respective vlans.  Ports 5-8 are for internal traffic only, so can be ignored in this context.

It seems in your case that you don't have LAN on a vlan and then have two vlans.  I think you can make this work if you don't tag those LAN packets with a vlan id when they enter the switch, so the settings would be slightly different than what I'm using.  As I recall I had it setup this way originally, but then moved LAN to its own vlan so that I wasn't moving both tagged and untagged packets to/from pfSense.

Hope this helps,
Bill


robi

@aleatorvb:

Since this thread is easily found by google I just wanted to add the the "windows java management application" is actually just a java app that can be used in linux too.

Thanks! Nice find!
8) 8) 8) 8)

Qinn

@wbond:

@Qinn:

Just bought a TL-SG108E and I am somewhat lost with 802.1Q and 802.1Q PVID Setting and could use some help.
eone point me in the right direction on how to setup the switch?

I don't have the same switch, but it's a TP-Link so the settings should be similar.  The screen shot shows the vlan settings on my tl-sg2008 switch.  In my case switch port 1 is wired to the pfsense port for lan/opt1/opt2 which are setup in pfSense as vlans 10, 20, & 30.

The switch ports 2,3, & 4 carry the to/from the rest of the network segments.  The PVID setting tags the incoming packets to the switch with the vlan tags so that they're tagged when they hit pfSense and it can sort them out.

Switch port 1 is a member of all 3 vlans, while 2, 3, & 4 are only members of their respective vlans.  Ports 5-8 are for internal traffic only, so can be ignored in this context.

It seems in your case that you don't have LAN on a vlan and then have two vlans.  I think you can make this work if you don't tag those LAN packets with a vlan id when they enter the switch, so the settings would be slightly different than what I'm using.  As I recall I had it setup this way originally, but then moved LAN to its own vlan so that I wasn't moving both tagged and untagged packets to/from pfSense.

Hope this helps,
Bill

Thanks for you time. I tried to set it up (from the console) as you described. So VLAN101 (em1), VLAN102(em1) and VLAN 105(em1) where VLAN101 was connected to port 1, but no IP's were given. The switch was configured as in the screenshots below.


jahonix

You don't want VLAN1 on ports 1-8 untagged at all and
you need VLAN 101 untagged on port2, VLAN102 untagged on port3 and vlan105 untagged on port4.
You probably want VLAN101 (your LAN) untagged on ports 5-8 as well.

Basically, what you're doing is this:
-use EM1 as trunk port (think carrier) that transports the VLANs to your switch. The switch has one port that receives all VLANs TAGGED (port 1 in your case).
-access each VLAN on one port of the switch that has this and only this VLAN UNtagged.

Qinn

@jahonix:

You don't want VLAN1 on ports 1-8 untagged at all and
you need VLAN 101 untagged on port2, VLAN102 untagged on port3 and vlan105 untagged on port4.
You probably want VLAN101 (your LAN) untagged on ports 5-8 as well.

Basically, what you're doing is this:
-use EM1 as trunk port (think carrier) that transports the VLANs to your switch. The switch has one port that receives all VLANs TAGGED (port 1 in your case).
-access each VLAN on one port of the switch that has this and only this VLAN UNtagged.

With the tl-link sg108e you cannot remove the untagged 1-8 setting it's grayed out. I have returned this one to the store.

whosmatt

@aleatorvb:

Since this thread is easily found by google I just wanted to add the the "windows java management application" is actually just a java app that can be used in linux too.

To run in ubuntu (for example) you need to:

• copy the exe from a windows install to linux
• rename exe to .java
• install java 8 at minimum:

sudo add-apt-repository ppa:webupd8team/java
sudo apt-get update
sudo apt-get install oracle-java8-installer

• enable forwarding

echo 1 > /proc/sys/net/ipv4/ip_forward

• use iptables to route  udp packets to correct interface

iptables -t nat -A PREROUTING -p udp -d 255.255.255.255 --dport 29809 -j DNAT --to [your ip address]:29809

Tested last night and confirmed to be working

More details here : http://sadevil.org/blog/2015/08/30/managing-tp-link-easy-smart-switches-from-linux/ (i've put the short version here in case that page dissapears)

This is awesome. Thanks!

Qinn

Maybe a stupid Q to ask in a thread that has the name TP-LINK. But has someone a good advise for a reasonable priced switch say 8 ports that has all the "proper settings" so not something stupid like the greyed out VLAN 1 untagged setting on all ports. (Btw the way I had a lot of badpackets with the sg108e)

Guest

Maybe a stupid Q to ask in a thread that has the name TP-LINK. But has someone a good advise for a reasonable priced switch say 8 ports that has all the "proper settings" so not something stupid like the greyed out VLAN 1 untagged setting on all ports. (Btw the way I had a lot of badpackets with the sg108e)

Here in Germany I am using some of the Netgear GS108Tv2 switches for ~65 € with LAG (LACP), VLAN,
mirrored Port and others. It comes in a solid made metal case with proper anti slip gum feeds and is
able to be powered over PoE if needed. The other one is the Netgear ProSAFE M4100-D12G for ~200 €
but more powerful and not silent.

You might also be happy with a Cisco SG200 or SG300 switch with 8 or 10 ports, they are really fine
working and comes with a cool GUI and the SG300 series on top with CLI support and SFP slots.
Its only my feeling about this other may find them not matching or to high in price.

jahonix

@Qinn:

With the tl-link sg108e you cannot remove the untagged 1-8 setting it's grayed out. I have returned this one to the store.

You can once you set another VLAN as default, usually your LAN (if you don't use out-of-band management).

Qinn

@BlueKobold:

Maybe a stupid Q to ask in a thread that has the name TP-LINK. But has someone a good advise for a reasonable priced switch say 8 ports that has all the "proper settings" so not something stupid like the greyed out VLAN 1 untagged setting on all ports. (Btw the way I had a lot of badpackets with the sg108e)

Here in Germany I am using some of the Netgear GS108Tv2 switches for ~65 € with LAG (LACP), VLAN,
mirrored Port and others. It comes in a solid made metal case with proper anti slip gum feeds and is
able to be powered over PoE if needed. The other one is the Netgear ProSAFE M4100-D12G for ~200 €
but more powerful and not silent.

You might also be happy with a Cisco SG200 or SG300 switch with 8 or 10 ports, they are really fine
working and comes with a cool GUI and the SG300 series on top with CLI support and SFP slots.
Its only my feeling about this other may find them not matching or to high in price.

Thanks I bought one GS108Tv2

Qinn

@jahonix:

@Qinn:

With the tl-link sg108e you cannot remove the untagged 1-8 setting it's grayed out. I have returned this one to the store.

You can once you set another VLAN as default, usually your LAN (if you don't use out-of-band management).

You are completely right

buttermilk

@Qinn:

@jahonix:

@Qinn:

With the tl-link sg108e you cannot remove the untagged 1-8 setting it's grayed out. I have returned this one to the store.

You can once you set another VLAN as default, usually your LAN (if you don't use out-of-band management).

You are completely right

Trying to get this sorted…. are you by changing the trunk port to a different PVID than 1?  In the SG108E using 802.1q VLANs I do not see a way to set a default.  I must be missing something.

Thanks in advance.

jahonix

Every port you don't want to run on VLAN1 (which should be all ports…) needs to have a VLAN > 1.
I don't know the SG108E so I can't tell about a default setting somewhere.

rremingt

@stephenw10:

Well at least that's an answer to the earlier question, there is no web interface on the cheapest model. Disappointing.

Steve

I ran nmap on my Mac laptop against the default IP of 192.168.0.1 and port 80 is open. I tried it and got a login page. After entering admin/admin, I was in and looking at a very usable Web UI!

whosmatt

@rremingt:

@stephenw10:

Well at least that's an answer to the earlier question, there is no web interface on the cheapest model. Disappointing.

Steve

I ran nmap on my Mac laptop against the default IP of 192.168.0.1 and port 80 is open. I tried it and got a login page. After entering admin/admin, I was in and looking at a very usable Web UI!

I have two of the TL-SG108E.  The first one I bought, which is V1, does not have a web UI.  The second one, V2, does.  They are both manageable via the Java app, but only the V2 model is manageable over a browser.  Hope this helps someone.

robi

@whosmatt:

I have two of the TL-SG108E.  The first one I bought, which is V1, does not have a web UI.  The second one, V2, does.  They are both manageable via the Java app, but only the V2 model is manageable over a browser.

That's great news!
And it seems to be true also for the smallest model too, which is TL-SG105E! 5 gigabit ports, supports VLANs and does not require any proprietary software! Perfect for multi-LAN setups! Very good price…

garylovesbeer

I actually prefer the java interface.

Found a version that runs on OS X that launches the application without having to launch a vmware Windows session.

dennypage

If anyone is interested, I have a TL-SG2216 and a couple of TL-SG2008 switches that are looking for a good home. Please PM me if interested.